You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@roller.apache.org by gm...@apache.org on 2014/08/02 01:37:19 UTC
svn commit: r1615269 - in /roller/trunk/app/src:
main/java/org/apache/roller/weblogger/config/
main/java/org/apache/roller/weblogger/ui/core/security/
main/java/org/apache/roller/weblogger/ui/struts2/admin/
main/java/org/apache/roller/weblogger/ui/stru...
Author: gmazza
Date: Fri Aug 1 23:37:18 2014
New Revision: 1615269
URL: http://svn.apache.org/r1615269
Log:
Switched auth methods to a single authentication.method flag & AuthMethod enum; tested with LDAP and regular DB; change works w/OpenID but OpenID itself needs fixing (problems unrelated to this commit).
Added:
roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/AuthMethod.java
Modified:
roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/WebloggerConfig.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Login.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/MainMenu.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Profile.java
roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Register.java
roller/trunk/app/src/main/resources/ApplicationResources.properties
roller/trunk/app/src/main/resources/org/apache/roller/weblogger/config/roller.properties
roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Login.jsp
roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Profile.jsp
roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Register.jsp
roller/trunk/app/src/main/webapp/WEB-INF/jsps/tiles/bannerStatus.jsp
roller/trunk/app/src/test/resources/roller-custom.properties
roller/trunk/app/src/test/resources/roller-jettyrun.properties
Added: roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/AuthMethod.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/AuthMethod.java?rev=1615269&view=auto
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/AuthMethod.java (added)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/AuthMethod.java Fri Aug 1 23:37:18 2014
@@ -0,0 +1,47 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. The ASF licenses this file to You
+ * under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License. For additional information regarding
+ * copyright in this work, please see the NOTICE file in the top level
+ * directory of this distribution.
+ */
+package org.apache.roller.weblogger.config;
+
+public enum AuthMethod {
+ ROLLERDB("db"),
+ LDAP("ldap"),
+ OPENID("openid"),
+ DB_OPENID("db-openid"),
+ CMA("cma");
+
+ private final String propertyName;
+
+ AuthMethod(String propertyName) {
+ this.propertyName = propertyName;
+ }
+
+ public String getPropertyName() {
+ return propertyName;
+ }
+
+ public static AuthMethod getAuthMethod(String propertyName) {
+ for (AuthMethod test : AuthMethod.values()) {
+ if (test.getPropertyName().equals(propertyName)) {
+ return test;
+ }
+ }
+ throw new IllegalArgumentException("Unknown authentication.method property value: "
+ + propertyName + " defined in Roller properties file.");
+ }
+
+}
Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/WebloggerConfig.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/WebloggerConfig.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/WebloggerConfig.java (original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/config/WebloggerConfig.java Fri Aug 1 23:37:18 2014
@@ -160,7 +160,7 @@ public final class WebloggerConfig {
public static String getProperty(String key) {
log.debug("Fetching property ["+key+"="+config.getProperty(key)+"]");
String value = config.getProperty(key);
- return value == null ? value : value.trim();
+ return value == null ? null : value.trim();
}
/**
@@ -274,5 +274,17 @@ public final class WebloggerConfig {
config.setProperty("themes.dir", path);
}
}
+
+ /**
+ * Return the value of the authentication.method property as an AuthMethod
+ * enum value. Matching is done by checking the propertyName of each AuthMethod
+ * enum object.
+ * <p />
+ * @throws IllegalArgumentException if property value defined in the properties
+ * file is missing or not the property name of any AuthMethod enum object.
+ */
+ public static AuthMethod getAuthMethod() {
+ return AuthMethod.getAuthMethod(getProperty("authentication.method"));
+ }
}
Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java (original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/core/security/CustomUserRegistry.java Fri Aug 1 23:37:18 2014
@@ -26,6 +26,7 @@ import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;
import javax.servlet.http.HttpServletRequest;
+import org.apache.roller.weblogger.config.AuthMethod;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
@@ -58,9 +59,9 @@ public class CustomUserRegistry {
public static User getUserDetailsFromAuthentication(HttpServletRequest request) {
- boolean usingSSO = WebloggerConfig.getBooleanProperty("users.sso.enabled");
- if(!usingSSO) {
- LOG.info("SSO is not enabled. Skipping CustomUserRegistry functionality.");
+ boolean usingLDAP = WebloggerConfig.getAuthMethod() == AuthMethod.LDAP;
+ if (!usingLDAP) {
+ LOG.info("LDAP is not enabled. Skipping CustomUserRegistry functionality.");
return null;
}
Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java (original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/admin/ModifyUser.java Fri Aug 1 23:37:18 2014
@@ -27,6 +27,7 @@ import org.apache.commons.logging.LogFac
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.business.UserManager;
+import org.apache.roller.weblogger.config.AuthMethod;
import org.apache.roller.weblogger.config.WebloggerConfig;
import org.apache.roller.weblogger.pojos.GlobalPermission;
import org.apache.roller.weblogger.pojos.User;
@@ -42,8 +43,6 @@ public class ModifyUser extends UIAction
private static Log log = LogFactory.getLog(ModifyUser.class);
- private static final boolean IS_CMA = WebloggerConfig.getBooleanProperty("authentication.cma.enabled");
-
// user we are modifying
private User user = new User();
@@ -51,8 +50,7 @@ public class ModifyUser extends UIAction
private CreateUserBean bean = new CreateUserBean();
private String userName = null;
-
-
+
public ModifyUser() {
this.actionName = "modifyUser";
this.desiredMenu = "admin";
@@ -164,7 +162,7 @@ public class ModifyUser extends UIAction
}
- if (!IS_CMA) {
+ if (!AuthMethod.CMA.equals(WebloggerConfig.getAuthMethod())) {
RollerContext.flushAuthenticationUserCache(getUser().getUserName());
}
Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Login.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Login.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Login.java (original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Login.java Fri Aug 1 23:37:18 2014
@@ -18,6 +18,7 @@
package org.apache.roller.weblogger.ui.struts2.core;
+import org.apache.roller.weblogger.config.AuthMethod;
import org.apache.roller.weblogger.config.WebloggerConfig;
import org.apache.roller.weblogger.ui.struts2.util.UIAction;
@@ -36,6 +37,8 @@ public class Login extends UIAction {
private String error = null;
+ private AuthMethod authMethod = WebloggerConfig.getAuthMethod();
+
public Login() {
this.pageTitle = "loginPage.title";
}
@@ -50,10 +53,10 @@ public class Login extends UIAction {
return false;
}
- public String getOpenIdConfiguration() {
- return WebloggerConfig.getProperty("authentication.openid");
+ public String getAuthMethod() {
+ return authMethod.name();
}
-
+
public String execute() {
// set action error message if there was login error
Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/MainMenu.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/MainMenu.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/MainMenu.java (original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/MainMenu.java Fri Aug 1 23:37:18 2014
@@ -65,8 +65,6 @@ public class MainMenu extends UIAction {
UserManager umgr = WebloggerFactory.getWeblogger().getUserManager();
WeblogManager wmgr = WebloggerFactory.getWeblogger().getWeblogManager();
Weblog weblog = wmgr.getWeblog(getInviteId());
- // TODO ROLLER_2.0: notify inviter that invitee has accepted invitation
- // TODO EXCEPTIONS: better exception handling
umgr.confirmWeblogPermission(weblog, getAuthenticatedUser());
WebloggerFactory.getWeblogger().flush();
Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Profile.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Profile.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Profile.java (original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Profile.java Fri Aug 1 23:37:18 2014
@@ -23,6 +23,7 @@ import org.apache.commons.logging.LogFac
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.business.UserManager;
+import org.apache.roller.weblogger.config.AuthMethod;
import org.apache.roller.weblogger.config.WebloggerConfig;
import org.apache.roller.weblogger.pojos.User;
import org.apache.roller.weblogger.pojos.UserAttribute;
@@ -38,12 +39,8 @@ public class Profile extends UIAction {
private static Log log = LogFactory.getLog(Profile.class);
private ProfileBean bean = new ProfileBean();
- private String openIdConfiguration =
- WebloggerConfig.getProperty("authentication.openid");
- private boolean usingSso =
- WebloggerConfig.getBooleanProperty("users.sso.enabled");
-
-
+ private AuthMethod authMethod = WebloggerConfig.getAuthMethod();
+
public Profile() {
this.pageTitle = "yourProfile.title";
}
@@ -140,7 +137,6 @@ public class Profile extends UIAction {
return INPUT;
}
-
public void myValidate() {
// check that passwords match if they were specified (w/StringUtils.equals, null == null)
if (!StringUtils.equals(getBean().getPasswordText(), getBean().getPasswordConfirm())) {
@@ -148,8 +144,8 @@ public class Profile extends UIAction {
}
}
- public String getOpenIdConfiguration() {
- return openIdConfiguration;
+ public String getAuthMethod() {
+ return authMethod.name();
}
public ProfileBean getBean() {
@@ -159,8 +155,4 @@ public class Profile extends UIAction {
public void setBean(ProfileBean bean) {
this.bean = bean;
}
-
- public boolean getUsingSso() {
- return this.usingSso;
- }
}
Modified: roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Register.java
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Register.java?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Register.java (original)
+++ roller/trunk/app/src/main/java/org/apache/roller/weblogger/ui/struts2/core/Register.java Fri Aug 1 23:37:18 2014
@@ -29,6 +29,7 @@ import org.apache.commons.logging.LogFac
import org.apache.roller.weblogger.WebloggerException;
import org.apache.roller.weblogger.business.WebloggerFactory;
import org.apache.roller.weblogger.business.UserManager;
+import org.apache.roller.weblogger.config.AuthMethod;
import org.apache.roller.weblogger.config.WebloggerConfig;
import org.apache.roller.weblogger.config.WebloggerRuntimeConfig;
import org.apache.roller.weblogger.pojos.User;
@@ -58,8 +59,9 @@ public class Register extends UIAction i
// this is a no-no, we should not need this
private HttpServletRequest servletRequest = null;
-
- private boolean fromSSO = false;
+
+ private AuthMethod authMethod = WebloggerConfig.getAuthMethod();
+
private String activationStatus = null;
private String activationCode = null;
@@ -79,10 +81,10 @@ public class Register extends UIAction i
return false;
}
- public String getOpenIdConfiguration() {
- return WebloggerConfig.getProperty("authentication.openid");
+ public String getAuthMethod() {
+ return authMethod.name();
}
-
+
@SkipValidation
public String execute() {
@@ -139,21 +141,19 @@ public class Register extends UIAction i
try {
- boolean usingSSO = WebloggerConfig.getBooleanProperty("users.sso.enabled");
- if (usingSSO) {
+ if (WebloggerConfig.getAuthMethod() == AuthMethod.LDAP) {
// See if user is already logged in via Spring Security
User fromSSOUser = CustomUserRegistry.getUserDetailsFromAuthentication(getServletRequest());
if (fromSSOUser != null) {
// Copy user details from Spring Security, including LDAP attributes
getBean().copyFrom(fromSSOUser);
- setFromSSO(true);
}
+ } else if (WebloggerConfig.getAuthMethod() == AuthMethod.CMA) {
// See if user is already logged in via CMA
- else if (getServletRequest().getUserPrincipal() != null) {
+ if (getServletRequest().getUserPrincipal() != null) {
// Only detail we get is username, sadly no LDAP attributes
getBean().setUserName(getServletRequest().getUserPrincipal().getName());
getBean().setScreenName(getServletRequest().getUserPrincipal().getName());
- setFromSSO(true);
}
}
@@ -274,7 +274,7 @@ public class Register extends UIAction i
} catch (WebloggerException ex) {
log.error("Error adding new user", ex);
- addError("Error adding new user");
+ addError("generic.system.error");
}
}
@@ -326,8 +326,7 @@ public class Register extends UIAction i
public void myValidate() {
// if usingSSO, we don't want to error on empty password/username from HTML form.
- setFromSSO(false);
- boolean usingSSO = WebloggerConfig.getBooleanProperty("users.sso.enabled");
+ boolean usingSSO = authMethod == AuthMethod.LDAP || authMethod == AuthMethod.CMA;
if (usingSSO) {
boolean storePassword = WebloggerConfig.getBooleanProperty("users.sso.passwords.save");
String password = WebloggerConfig.getProperty("users.sso.passwords.defaultValue", "<unknown>");
@@ -341,7 +340,6 @@ public class Register extends UIAction i
getBean().setPasswordText(password);
getBean().setPasswordConfirm(password);
getBean().setUserName(fromSSOUser.getUserName());
- setFromSSO(true);
}
// Preserve username and password, CMA case
@@ -349,7 +347,6 @@ public class Register extends UIAction i
getBean().setUserName(getServletRequest().getUserPrincipal().getName());
getBean().setPasswordText(password);
getBean().setPasswordConfirm(password);
- setFromSSO(true);
}
}
@@ -365,14 +362,15 @@ public class Register extends UIAction i
}
// check password, it is required if OpenID and SSO are disabled
- if (getOpenIdConfiguration().equals("disabled") && !getFromSSO()
+ if (AuthMethod.ROLLERDB.name().equals(getAuthMethod())
&& StringUtils.isEmpty(getBean().getPasswordText())) {
addError("error.add.user.passwordEmpty");
return;
}
// User.password does not allow null, so generate one
- if (getOpenIdConfiguration().equals("only")) {
+ if (getAuthMethod().equals(AuthMethod.OPENID.name()) ||
+ (getAuthMethod().equals(AuthMethod.DB_OPENID.name()) && !StringUtils.isEmpty(getBean().getOpenIdUrl()))) {
String randomString = RandomStringUtils.randomAlphanumeric(255);
getBean().setPasswordText(randomString);
getBean().setPasswordConfirm(randomString);
@@ -380,7 +378,7 @@ public class Register extends UIAction i
// check that passwords match
if (!getBean().getPasswordText().equals(getBean().getPasswordConfirm())) {
- addError("Register.error.passowordMismatch");
+ addError("userRegister.error.mismatchedPasswords");
}
// check that username is not taken
@@ -394,7 +392,7 @@ public class Register extends UIAction i
}
} catch (WebloggerException ex) {
log.error("error checking for user", ex);
- addError("Unexpected error checking user -- check Roller logs");
+ addError("generic.system.error");
}
}
}
@@ -416,14 +414,6 @@ public class Register extends UIAction i
this.bean = bean;
}
- public boolean getFromSSO() {
- return fromSSO;
- }
-
- public void setFromSSO(boolean fromSSO) {
- this.fromSSO = fromSSO;
- }
-
public String getActivationStatus() {
return activationStatus;
}
Modified: roller/trunk/app/src/main/resources/ApplicationResources.properties
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/resources/ApplicationResources.properties?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/resources/ApplicationResources.properties (original)
+++ roller/trunk/app/src/main/resources/ApplicationResources.properties Fri Aug 1 23:37:18 2014
@@ -1392,8 +1392,8 @@ userRegister.tip.openid.disabled=Enter a
and confirm that password by entering it a second time.
userRegister.tip.openid.hybrid=You can choose to login via username/password or \
-OpenID. For more information about OpenID see \
-<a href=\"http://openid.net\">http://openid.net</a>.
+<a href=\"http://openid.net\">OpenID</a>. If you choose the latter, leave \
+the password fields blank.
userRegister.tip.openid.only=This site uses only OpenID for logins, so please \
specify your OpenID identifier below. For more information about OpenID see \
Modified: roller/trunk/app/src/main/resources/org/apache/roller/weblogger/config/roller.properties
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/resources/org/apache/roller/weblogger/config/roller.properties?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/resources/org/apache/roller/weblogger/config/roller.properties (original)
+++ roller/trunk/app/src/main/resources/org/apache/roller/weblogger/config/roller.properties Fri Aug 1 23:37:18 2014
@@ -322,19 +322,21 @@ cache.salt.timeout=3600
# Security settings
#-----------------------------------------------------------------------------
+# Top-level authentication declaration for Apache Roller. Introduced in Roller 5.1,
+# replaces authentication.cma.enabled, authentication.openid, and users.sso.enabled
+# from earlier versions. Must be one of the following values:
+# db: use Roller database to store usernames and passwords
+# ldap: use external LDAP to authenticate (must configure Roller security.xml,
+# see Roller Wiki for more details)
+# openid: users must use OpenID to authenticate
+# db-openid: users may choose to authenticate via Roller DB or OpenID but not both.
+# cma: container-managed authentication (e.g., Tomcat tomcat-users.xml file). Currently
+# unusable, not fully implemented.
+authentication.method=db
+
# Enables HTTPS for login page only
securelogin.enabled=false
-# Enable container managed authentication
-authentication.cma.enabled=false
-
-# Enable/disable OpenID (requires Spring Security, will not work with CMA)
-# This can be set to one of three values:
-# - disabled: no OpenID support, no evidence of OpenID in the Web UI
-# - hybrid: allow users to use either password or OpenID
-# - only: users must use OpenID only, no password allowed
-authentication.openid=disabled
-
# Password security settings
passwds.encryption.enabled=true
passwds.encryption.algorithm=SHA
@@ -376,17 +378,13 @@ salt.ignored.urls=mediaFileAdd!save.rol,
#----------------------------------
# Single-Sign-On (LDAP)
-# Enables Roller to behave differently when registering new users
-# in an SSO-enabled environment. You must configure WEB-INF/security.xml appropriately.
-users.sso.enabled=false
-
# Set these properties for a custom LDAP schema (optional)
#users.sso.registry.ldap.attributes.name=cn
#users.sso.registry.ldap.attributes.email=mail
#users.sso.registry.ldap.attributes.locale=locale
#users.sso.registry.ldap.attributes.timezone=timezone
-# If you don't want user credentials from LDAP/etc to be stored in Roller
+# If you don't want user credentials from LDAP to be stored in Roller
# (possibly in clear-text) leave this alone, otherwise set to true.
# i.e. you would like a backup auth mechanism in case LDAP is down.
users.sso.passwords.save=false
Modified: roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Login.jsp
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Login.jsp?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Login.jsp (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Login.jsp Fri Aug 1 23:37:18 2014
@@ -18,11 +18,12 @@
<%-- Body of the login page, invoked from login.jsp --%>
<%@ page import="org.apache.roller.weblogger.config.WebloggerConfig" %>
+<%@ page import="org.apache.roller.weblogger.config.AuthMethod" %>
<%@ include file="/WEB-INF/jsps/taglibs-struts2.jsp" %>
<%!
String securityCheckUrl = null;
-boolean cmaEnabled = WebloggerConfig.getBooleanProperty("authentication.cma.enabled");
+boolean cmaEnabled = "CMA".equals(WebloggerConfig.getAuthMethod());
%>
<%
@@ -33,8 +34,7 @@ if (cmaEnabled) {
}
%>
-
-<s:if test="openIdConfiguration != 'disabled'">
+<s:if test="authMethod == 'OPENID' || authMethod == 'DB_OPENID'">
<p><s:text name="loginPage.openIdPrompt" /></p>
@@ -52,22 +52,22 @@ if (cmaEnabled) {
<tr>
<td width="20%"></td>
<td width="80%">
- <input type="submit" name="submit" id="submit" value="<s:text name="loginPage.loginOpenID" />" />
+ <input type="submit" name="submit" id="submit" value="<s:text name='loginPage.loginOpenID'/>" />
</td>
</tr>
</table>
</form>
</s:if>
-<s:if test="openIdConfiguration != 'only'">
+<s:if test="authMethod != 'OPENID'">
- <s:if test="openIdConfiguration == 'hybrid'">
+ <s:if test="authMethod == 'DB_OPENID'">
<p><s:text name="loginPage.openIdHybridPrompt" /></p>
</s:if>
- <s:if test="openIdConfiguration == 'disabled'">
+ <s:else>
<p><s:text name="loginPage.prompt" /></p>
- </s:if>
+ </s:else>
<form method="post" id="loginForm"
action="<c:url value="<%= securityCheckUrl %>"/>"
@@ -104,8 +104,8 @@ if (cmaEnabled) {
<tr>
<td width="20%"></td>
<td width="80%">
- <input type="submit" name="login" id="login" value="<s:text name="loginPage.login" />" />
- <input type="reset" name="reset" id="reset" value="<s:text name="loginPage.reset" />"
+ <input type="submit" name="login" id="login" value="<s:text name='loginPage.login' />" />
+ <input type="reset" name="reset" id="reset" value="<s:text name='loginPage.reset' />"
onclick="document.getElementById('j_username').focus()" />
</td>
</tr>
@@ -115,8 +115,7 @@ if (cmaEnabled) {
</s:if>
<script>
-<!--
-<s:if test="openIdConfiguration != 'disabled'">
+<s:if test="authMethod == 'OPENID' || authMethod == 'DB_OPENID'">
function focusToOpenidForm() {
return (document.getElementById && document.getElementById("j_username") === null) ||
getCookie("favorite_authentication_method") !== "username";
@@ -139,7 +138,7 @@ function saveOpenidIdentifier(theForm) {
}
</s:if>
-<s:if test="openIdConfiguration != 'only'">
+<s:if test="authMethod != 'OPENID'">
function focusToUsernamePasswordForm() {
return (document.getElementById && document.getElementById("openid_identifier") === null) ||
getCookie("favorite_authentication_method") === "username";
@@ -165,5 +164,4 @@ function saveUsername(theForm) {
setCookie("favorite_authentication_method", "username");
}
</s:if>
-//-->
</script>
\ No newline at end of file
Modified: roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Profile.jsp
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Profile.jsp?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Profile.jsp (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Profile.jsp Fri Aug 1 23:37:18 2014
@@ -48,7 +48,7 @@
<td class="description"><s:text name="userRegister.tip.email" /></td>
</tr>
- <s:if test="openIdConfiguration != 'only' && !usingSso">
+ <s:if test="authMethod == 'ROLLERDB' || authMethod == 'DB_OPENID'">
<tr>
<td class="label"><label for="passwordText" /><s:text name="userSettings.password" /></label></td>
<td class="field">
Modified: roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Register.jsp
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Register.jsp?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Register.jsp (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/jsps/core/Register.jsp Fri Aug 1 23:37:18 2014
@@ -32,7 +32,7 @@
</td>
</tr>
- <s:if test="fromSSO">
+ <s:if test="authMethod == 'LDAP'">
<tr>
<td class="label"><label for="userName" /><s:text name="userSettings.username" /></label></td>
<td class="field"><strong><s:property value="bean.userName" /></strong></td>
@@ -65,26 +65,26 @@
<td class="description"><s:text name="userRegister.tip.email" /></td>
</tr>
- <s:if test="!fromSSO">
+ <s:if test="authMethod != 'LDAP'">
<tr>
<td colspan="3">
<h2><s:text name="userRegister.heading.authentication" /></h2>
- <s:if test="openIdConfiguration == 'disabled'">
+ <s:if test="authMethod == 'ROLLERDB'">
<p><s:text name="userRegister.tip.openid.disabled" /></p>
</s:if>
- <s:if test="openIdConfiguration == 'hybrid'">
+ <s:if test="authMethod == 'DB_OPENID'">
<p><s:text name="userRegister.tip.openid.hybrid" /></p>
</s:if>
- <s:if test="openIdConfiguration == 'only'">
+ <s:if test="authMethod == 'OPENID'">
<p><s:text name="userRegister.tip.openid.only" /></p>
</s:if>
</td>
</tr>
- <s:if test="openIdConfiguration != 'only'">
+ <s:if test="authMethod != 'OPENID'">
<tr>
<td class="label"><label for="passwordText" /><s:text name="userSettings.password" /></label></td>
<td class="field">
@@ -107,10 +107,10 @@
</s:else>
- <s:if test="openIdConfiguration != 'disabled'">
+ <s:if test="authMethod == 'OPENID' || authMethod == 'DB_OPENID'">
<tr>
<td class="label"><label for="openIdUrl" /><s:text name="userSettings.openIdUrl" /></label></td>
- <td class="field"><s:textfield name="bean.openIdUrl" size="40" maxlength="255" id="f_openid_identifier" onkeyup="onChange()"/></td>
+ <td class="field"><s:textfield name="bean.openIdUrl" size="40" maxlength="255" id="f_openid_identifier" onkeyup="onChange()"/></td>
<td class="description"><s:text name="userRegister.tip.openIdUrl" /></td>
</tr>
</s:if>
@@ -157,36 +157,35 @@
<script>
function onChange() {
var disabled = true;
- var openIdConfig = '<s:property value="openIdConfiguration" />';
- var ssoEnabled = <s:property value="fromSSO" />;
+ var authMethod = "<s:property value='authMethod' />";
var emailAddress = document.register['bean.emailAddress'].value;
var userName = passwordText = passwordConfirm = openIdUrl = "";
- if (ssoEnabled) {
+ if (authMethod == 'LDAP') {
userName = '<s:property value="bean.userName" />';
} else {
userName = document.register['bean.userName'].value;
}
- if (ssoEnabled == false && openIdConfig != 'only') {
+ if (authMethod == "ROLLERDB" || authMethod == "DB_OPENID") {
passwordText = document.register['bean.passwordText'].value;
passwordConfirm = document.register['bean.passwordConfirm'].value;
}
- if (openIdConfig != 'disabled') {
+ if (authMethod == "OPENID" || authMethod == "DB_OPENID") {
openIdUrl = document.register['bean.openIdUrl'].value;
}
- if (ssoEnabled) {
+ if (authMethod == "LDAP") {
if (emailAddress) disabled = false;
- } else if (openIdConfig == 'disabled') {
+ } else if (authMethod == "ROLLERDB") {
if (emailAddress && userName && passwordText && passwordConfirm) disabled = false;
- } else if (openIdConfig == 'only') {
+ } else if (authMethod == "OPENID") {
if (emailAddress && openIdUrl) disabled = false;
- } else if (openIdConfig == 'hybrid') {
+ } else if (authMethod == "DB_OPENID") {
if (emailAddress && ((passwordText && passwordConfirm) || (openIdUrl)) ) disabled = false;
}
- if (!ssoEnabled) {
+ if (authMethod != 'LDAP') {
if ((passwordText || passwordConfirm) && !(passwordText == passwordConfirm)) {
document.getElementById('readytip').innerHTML = '<s:text name="userRegister.error.mismatchedPasswords" />';
disabled = true;
Modified: roller/trunk/app/src/main/webapp/WEB-INF/jsps/tiles/bannerStatus.jsp
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/main/webapp/WEB-INF/jsps/tiles/bannerStatus.jsp?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/main/webapp/WEB-INF/jsps/tiles/bannerStatus.jsp (original)
+++ roller/trunk/app/src/main/webapp/WEB-INF/jsps/tiles/bannerStatus.jsp Fri Aug 1 23:37:18 2014
@@ -41,18 +41,18 @@
<td class="bannerRight">
- <a href="<s:url value="/"/>"><s:property value="getProp('site.shortName')"/></a>
+ <a href="<s:url value='/'/>"><s:property value="getProp('site.shortName')"/></a>
- | <a href="<s:url action="menu" namespace="/roller-ui" />"><s:text name="mainPage.mainMenu" /></a>
+ | <a href="<s:url action='menu' namespace='/roller-ui' />"><s:text name="mainPage.mainMenu" /></a>
<s:if test="authenticatedUser != null">
- | <a href="<s:url action="logout" namespace="/roller-ui" />"><s:text name="navigationBar.logout"/></a>
+ | <a href="<s:url action='logout' namespace='/roller-ui' />"><s:text name="navigationBar.logout"/></a>
</s:if>
<s:else>
- | <a href="<s:url action="login-redirect" namespace="/roller-ui" />"><s:text name="navigationBar.login"/></a>
+ | <a href="<s:url action='login-redirect' namespace='/roller-ui' />"><s:text name="navigationBar.login"/></a>
- <s:if test="getBooleanProp('users.registration.enabled') && !getBooleanProp('users.sso.enabled')">
- | <a href="<s:url action="register" namespace="/roller-ui" />"><s:text name="navigationBar.register"/></a>
+ <s:if test="getBooleanProp('users.registration.enabled') && getProp('authentication.method') != 'ldap'">
+ | <a href="<s:url action='register' namespace='/roller-ui' />"><s:text name="navigationBar.register"/></a>
</s:if>
<s:elseif test="getProp('users.registration.url') != null && getProp('users.registration.url') > 0">
| <a href="<s:property value="getProp('users.registration.url')"/>"><s:text name="navigationBar.register"/></a>
Modified: roller/trunk/app/src/test/resources/roller-custom.properties
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/test/resources/roller-custom.properties?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/test/resources/roller-custom.properties (original)
+++ roller/trunk/app/src/test/resources/roller-custom.properties Fri Aug 1 23:37:18 2014
@@ -13,8 +13,6 @@ hibernate.dialect=org.hibernate.dialect.
hibernate.transaction.factory_class=org.hibernate.transaction.JDBCTransactionFactory
# turn off transaction manager during JUnit testing (TODO: find way to activate for JUnit tests)
-# use CMA authentication to work around Spring init issues in UI tests
-authentication.cma.enabled=true
# use plain text passwords in testing
passwds.encryption.enabled=false
Modified: roller/trunk/app/src/test/resources/roller-jettyrun.properties
URL: http://svn.apache.org/viewvc/roller/trunk/app/src/test/resources/roller-jettyrun.properties?rev=1615269&r1=1615268&r2=1615269&view=diff
==============================================================================
--- roller/trunk/app/src/test/resources/roller-jettyrun.properties (original)
+++ roller/trunk/app/src/test/resources/roller-jettyrun.properties Fri Aug 1 23:37:18 2014
@@ -3,9 +3,6 @@
installation.type=auto
planet.aggregator.enabled=true
-# openid options: disabled, hybrid and only
-authentication.openid=disabled
-
database.configurationType=jdbc
database.jdbc.driverClass=org.apache.derby.jdbc.ClientDriver
# In-memory Derby database activated via "startdb" execution in app/pom.xml